kernelsmith
ad8516eacf
fixed prompt issue, still need to restore context
...
see line 2519 area.
msf exploit(psexec) > grep -i -A 2 encoding show
<snip>
msf>
2013-01-15 17:57:28 -06:00
kernelsmith
4d33742482
fixed bug with -A
2013-01-15 17:35:57 -06:00
kernelsmith
86e4bb2db5
yard doc fixed and added for all _tabs methods
2013-01-15 16:42:02 -06:00
kernelsmith
c60556389f
add yard doc and allow for -A and -B at same time
2013-01-15 16:22:04 -06:00
kernelsmith
9ad726167e
changes to address scriptjunkie's rpc concerns
...
as described in https://github.com/rapid7/metasploit-framework/pull/820
2013-01-14 17:14:48 -06:00
kernelsmith
9bb2dddf99
adds @todo for when tab_comp norm is completed
...
tab_completion normalization is RM7649
2013-01-14 14:53:31 -06:00
kernelsmith
7ca9a216f4
Merge remote-tracking branch 'upstream/master' into msfconsole-grep
2013-01-14 14:15:32 -06:00
kernelsmith
3c44769bd8
attempt to add nested tab completion
2013-01-14 14:15:13 -06:00
jvazquez-r7
c6c59ace46
final cleanup
2013-01-14 20:53:19 +01:00
jvazquez-r7
5ecb0701ea
Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass
2013-01-14 20:52:45 +01:00
jvazquez-r7
702638a6a3
final cleanup
2013-01-14 17:36:24 +01:00
jvazquez-r7
b0a339708d
Merge branch 'w3totalcache' of https://github.com/FireFart/metasploit-framework into FireFart-w3totalcache
2013-01-14 17:35:48 +01:00
Christian Mehlmauer
b11fd48b05
implemented juans feedback
2013-01-14 17:06:52 +01:00
Christian Mehlmauer
8b85f7d977
fix msftidy
2013-01-14 14:55:53 +01:00
Christian Mehlmauer
0acbcfd964
fix url path
2013-01-14 14:39:50 +01:00
Christian Mehlmauer
c17ee70e66
Use target_uri for the wordpress url
2013-01-14 14:34:34 +01:00
Christian Mehlmauer
0c95938b1d
Added a request to force db caching
2013-01-13 20:12:37 +01:00
Daniele Martini
04fe1dae11
Added module for Freesshd Authentication Bypass (CVE-2012-6066)
...
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.
To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
2013-01-13 17:08:04 +01:00
kernelsmith
7f90082bec
grep tab complete is working, but not fully
...
options tab complete, but not the commands at the end
2013-01-13 03:06:56 -06:00
kernelsmith
d9990829d9
fixes some issues with -k and -s
2013-01-13 02:39:56 -06:00
kernelsmith
1646fc8faa
Merge remote-tracking branch 'upstream/master' into msfconsole-grep
2013-01-13 02:18:54 -06:00
kernelsmith
e7372250d2
added -k keep and -s skip
2013-01-13 02:18:45 -06:00
James Lee
4703a6f737
Unbreak OptInt hex syntax
...
* Fix spec for no-longer-pending tests
* Fix regex in OptInt#valid? to allow hex syntax again
[See #1293 ][See #1296 ]
2013-01-12 14:17:29 -06:00
James Lee
5fc008566f
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-01-12 14:08:47 -06:00
Christian Mehlmauer
27f100d37c
fix email
2013-01-12 14:24:29 +01:00
Christian Mehlmauer
d36c966931
spaces
2013-01-12 14:22:38 +01:00
Christian Mehlmauer
93b5980210
fix
2013-01-12 14:13:54 +01:00
Christian Mehlmauer
0b8094eb5d
w3_total_cache
2013-01-12 14:09:59 +01:00
HD Moore
06fb8f5443
Merge pull request #1293 from wchen-r7/optint_valid
...
Fix OptInt's valid?() function
2013-01-11 17:29:27 -08:00
HD Moore
bfc7c3ad0a
Merge pull request #1278 from kernelsmith/gitignore
...
change doc to doc/ in .gitignore
2013-01-11 17:28:48 -08:00
HD Moore
c1997e3b9d
Merge pull request #1296 from wchen-r7/normalize_optport
...
[FixRM: #7535 ] Missing normalize() in OptPort
2013-01-11 17:23:12 -08:00
kernelsmith
0b130e49e7
Squashed commit of the following:
...
commit 1beebe758c32a277e0a77f7d1011a56fda707732
Author: kernelsmith <kernelsmith@kernelsmith>
Date: Fri Jan 11 17:55:27 2013 -0600
fixes missing word in descript. of rails exploit
simple omission fix in description
[Closes #1295 ]
2013-01-11 19:02:06 -06:00
sinn3r
8c04df4a47
[FixRM: #7535 ] Missing normalize() in OptPort
...
[FixRM: #7535 ] - Sometimes OptPort can return as a String instead
of Fixnum because OptPort is missing the normalize() function.
2013-01-11 18:34:27 -06:00
James Lee
f9fe9441f0
Merge remote-tracking branch 'wchen-r7/optint_valid' into rapid7
2013-01-11 17:43:19 -06:00
sinn3r
ef6eec949c
Move impersonate_ssl
...
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
sinn3r
0347b173eb
Fix OptInt's valid?() function
...
[FixRM #7539 ] - The valid?() function will first normalize() the
user-supplied input before validation. The problem is that the
normalize() function will ALWAYS convert data to integer, therefore
whatever you validate, you will always get true. For example:
when I do "yomama".to_i, that returns 0, and of course will pass
integer validation.
2013-01-11 16:27:33 -06:00
sinn3r
4adf429c31
Adds one more ref
2013-01-11 01:33:26 -06:00
sinn3r
23ef8280be
Merge branch 'java_0day_refs' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-java_0day_refs
...
Conflicts:
modules/exploits/multi/browser/java_jre17_jmxbean.rb
2013-01-11 01:33:11 -06:00
HD Moore
6471a70053
Pass the X-HTTP-Method-Override parameter for compat
2013-01-10 20:27:13 -06:00
sinn3r
e709811c5a
CVE update
2013-01-10 19:51:04 -06:00
jvazquez-r7
2c05af721c
module also updated with refs
2013-01-11 00:57:05 +01:00
jvazquez-r7
51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
James Lee
19ff7f93ae
Merge remote-tracking branch 'wchen-r7/encoder_fixes' into rapid7
2013-01-10 17:41:08 -06:00
James Lee
0f346dde9e
Some whitespace and ruby -c fixes
2013-01-10 17:29:54 -06:00
James Lee
ab64c428ab
Merge remote-tracking branch 'kernelsmith/RM7676-migrate-h' into rapid7
2013-01-10 17:24:11 -06:00
James Lee
70c8296856
Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7
2013-01-10 17:20:24 -06:00
James Lee
d4854606f2
Cosmetic fixes
...
[FixRM #7223 ][See #1283 ]
2013-01-10 17:18:25 -06:00
sinn3r
192279544b
BufferRegister should be validated.
...
If BufferRegister is in lower-case, then gen_decoder_prefix will
return nil. When the return value is nil, other functions like
gen_decoder() will backtrace due to a "undefined method "+" for nil"
error. Therefore, this input should NOT be case-sensitive.
Also, if for some reason the user supplies an invalid BufferRegister,
the function should be aware of that and warn the user about the
bad input.
2013-01-10 17:14:38 -06:00
jvazquez-r7
6a7f8758e0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-01-11 00:14:22 +01:00
sinn3r
0527a7ee9b
Import datastore options when using an encoder
...
If you can't pass datastore options, sometimes you can't even
use an encoder. [FixRM #7681 ]
2013-01-10 17:11:58 -06:00